Session
Client-side OAuth with PKCE
The OAuth standard has been around for a while, but traditionally it has required a back-end server to hold a client secret, well, secret. Until now! By supporting Proof Key for Code Exchange, or PKCE, OAuth flows can now be accomplished entirely in the client--and still be secure. In this talk we begin the standard three-legged flow that utilizes the traditional client secret and then introduce the PKCE technique that relies on a code challenge instead. By the time you leave, you will understand how to implement it in your client applications and the benefits for doing so.
Scott McAllister
Principal Developer Advocate at ngrok
Seattle, Washington, United States
Links
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top